Life | Lenovo patches severe flaws in PC support tool | The flaws could allow attackers to execute malicious code with system privileges and to kill other processes | 28 Jun
Pro | Severe flaws in widely used open source library threaten projects | Input validation flaws in libarchive could lead to remote code execution | 23 Jun
Pro | Flaws expose Cisco RV series routers, firewalls to hacking | Attackers can take control of the affected devices by sending specifically crafted HTTP requests to them | 20 Jun
Pro | Hackers exploit unpatched Flash Player vulnerability | Adobe releases updates for Reader, Acrobat, and ColdFusion, but is still working on the Flash Player patch | 13 May
Pro | Aruba fixes networking device flaws that could open doors for hackers | The flaws affect ArubaOS, the AirWave Management Platform (AMP) and Aruba Instant (IAP) | 10 May
Pro | Lenovo patches serious flaw in support tool | Flaw could allow attackers to gain higher privileges on compromised computers | 9 May
Pro | GitLab repairs critical flaw letting users log in as admins | Fixes are available for all supported versions of GitLab Community Edition and GitLab Enterprise Edition | 9 May
Pro | Three-year-old IBM patch for critical Java flaw is broken | Attackers can easily bypass the patch to exploit a vulnerability that allows them to escape from the Java security sandbox | 6 Apr
Pro | Google engineer finds flaw in Node.js NPM scripts | Self-replicating worm can easily spread through the ecosystem | 30 Mar
Pro | VMware fixes XSS flaws in vRealize for Linux | Stored XSS vulnerabilities in vRealize affected only some versions, but could result in code execution | 18 Mar
Pro | Continuous assessment is the answer to minimising vulnerability, says edgescan’s Keary | Better protection through continuous assessment across technology stacks | 14 Mar
Pro | Two-year-old Java flaw re-emerges due to broken patch | 2013 patch easily bypassed to attack the latest Java versions, say security researchers | 14 Mar
Pro | OpenSSL update fixes DROWN vulnerability | Attack decrypts TLS sessions on servers supporting SSL v2, using RSA key exchange | 3 Mar
Pro | Unix bug puts Linux systems at risk | Google and Red Hat researchers released a patch for a critical remote code execution flaw in glibc 2.9 and later | 18 Feb
Pro | Cisco VPN flaw exposes security appliances to remote hacking | Firewalls running Cisco Adaptive Security Appliance software can be compromised remotely with malformed UDP packets | 12 Feb
Pro | Trend Micro flaw could have allowed attacker to steal passwords | Problem patched, and another remote execution flaw found by a well-known Google security researcher | 13 Jan
Pro | Linux bootloader vulnerability puts locked-down machines at risk | Key press cycle can bypass Grub2 bootloader password | 18 Dec
Pro | Google researchers find FireEye remote execution bug | Researchers found a software flaw in several models of FireEye's security appliances | 17 Dec
Pro | Node.js discloses two critical security vulnerabilities | Foundation revealed a denial-of-service and an out-of-bounds access issue and said the fixes will come next week | 26 Nov
Pro | Self-encrypting drives little better than software-based encryption | Researchers demonstrated attacks against self-encrypting drives used in enterprise environments | 13 Nov
Pro | Serious vulnerabilities leave open doors in SAP HANA systems | Newly discovered flaws in SAP's HANA platform are its most serious ever | 9 Nov
Pro | Hackers infect MySQL servers with malware for DDoS | SQL injection used to exploit a MySQL feature, installing malware | 3 Nov
Pro | Xen patches VM escape flaw | Xen Project fixes vulnerabilities, including one that could allow virtual machine break out to gain host system control | 2 Nov
Pro | SYNful Knock router exploit isn’t going away soon | Researchers find exploit can stealthily linger and update itself | 21 Sep
Pro | Vulnerability in enterprise-managed iOS devices puts data at risk | App settings deployed through mobile device management products can be read by other apps | 21 Aug
Pro | Google Admin app zero day allows malicious apps to read files | Android Admin app vulnerability can allow Google for Work account credentials to be stolen | 18 Aug
Pro | Cisco’s SDN controller has a security hole | Company issues software to plug a root user access vulnerability | 4 Aug
Pro | DNS server attacks using BIND flaw | Analysts had predicted attackers would quickly figure out how to take advantage of the flaw | 4 Aug
Life | HP’s ZDI discloses new vulnerabilities in Internet Explorer | ZDI went public after extending the disclosure deadline twice with no fix forthcoming from Microsoft | 24 Jul
Pro | OpenSSH bug exposes servers to brute-force password attacks | Keyboard-interactive authentication setting could allow for thousands of password retries, a researcher found | 23 Jul
Pro | Cyberespionage group exploits unpatched Java flaw | Exploit was used by Pawn Storm against armed forces of a NATO country and a US defence organisation | 15 Jul
Pro | VMware patches multiple vulnerabilities | Flaws in Workstation, Player, Fusion and Horizon View Client could lead to code execution, privilege escalation and denial-of-service | 14 Jul
Pro | OpenSSL warns of another high severity flaw | Patches will be released on 9 July for OpenSSL 1.0.1 and 1.0.2 | 8 Jul
Pro | Hacking Team breach reveals vulnerability of jailbroken iPhone | Breach of firm selling comms monitoring apps to governments shows why it's a bad idea to jailbreak iOS devices | 7 Jul
Pro | Cybercriminals adopt recently patched zero-day exploit in a flash | Just four days for a recently patched vulnerability in Flash Player to be exploited for large-scale attacks | 30 Jun
Pro | Critical flaw in ESET products demonstrates spy group interest in AV | Flaw could allow attackers to compromise systems through various sources | 25 Jun
Pro | Adobe patches zero-day Flash Player flaw used in targeted attacks | Vulnerability exploited by China-based cyberespionage group for weeks, says FireEye | 24 Jun
Pro | Average of 24 vulnerabilities per app from buggy components | Developers often unwittingly use components that contain flaws | 18 Jun